Hi, Yep!
# Nat section rdr on $if_ext2 proto tcp from any to $ip_ext2 port http tag http_link2 -> $dmz_http # Rule section pass in quick on $if_ext2 reply-to ($if_ext2 $gw_ext2) tagged http_link2 The reply-to is apply on the tag match. Thanks for Gabriel ! 2010/6/30 Vitaliy Vladimirovich <artem...@ukr.net>: > > Hi Luiz! > > Can you post here your working final ruleset with rdr + replye-to? Only > rdr + reply-to section. > > Thank you! > > > PERFECT !!!!! > > This is it ! (tribute to MJ) > > worked perfectly, had not really thought about using tag, perfect. > > thank you (valeu !) > > goodbye rinetd/redir ! > > 2010/6/28 Gabriel Fonseca <gabr...@ethx.com.br>: >> 2010/6/28 Luiz Gustavo S. Costa <luizgust...@luizgustavo.pro.br> >>> >>> hi Chris ! how are you? >>> >>> as it says here in Brazil: "I eat ball" :). >>> >>> pass in $if_int reply-to ($if_ext2 $gw_ext2) proto tcp from any to >>> 192.168.1.100 port 80 >>> >>> but still, the combination does not work >>> >>> thanks >>> >>> >>> 2010/6/28 Chris Buechler <cbuech...@gmail.com>: >>> > On Mon, Jun 28, 2010 at 5:12 PM, Luiz Gustavo S. Costa >>> > <luizgust...@luizgustavo.pro.br> wrote: >>> >> Hi all. >>> >> >>> >> I know there is a problem in using rdr with the reply-to, I usually >>> >> use some software to "rdr", as the rinetd, but it's not a pretty >>> >> solution. >>> >> >>> >> Is there any alternative? >>> >> >>> >> Below is an example of what I'm talking about. >>> >> >>> >> # Nat section >>> >> rdr on $if_ext2 proto tcp from any to 200.x.x.x port 80 -> >>> >> 192.168.1.100 >>> >> # Rules section >>> >> pass in $if_ext2 reply-to ($if_ext2 $gw_ext2) proto tcp from any to >>> >> 200.x.x.x port 80 >>> >> >>> > >>> > That rule won't match traffic from that rdr. The dest has to be the >>> > 192.168.1.100 IP. >>> > >>> >>> >>> >>> -- >>> Luiz Gustavo Costa (Powered by BSD) >>> *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ >>> mundoUnix - Consultoria em Software Livre >>> http://www.mundounix.com.br >>> ICQ: 2890831 / MSN: cont...@mundounix.com.br >>> Tel: 55 (21) 2642-3799 / 7582-0594 >>> Blog: http://www.luizgustavo.pro.br >>> _______________________________________________ >>> freebsd-pf@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >>> To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" >> >> >> Hi, Luiz "gugaBSD" Gustavo. >> I don't exactly what your need, but I'll try help. >> >> Try this: >> rdr on $if_ext2 proto tcp from any to 200.x.x.x port 80 tag LINK2 -> >> 192.168.1.100 >> pass in quick on $if_ext2 reply-to ( $if_ext2 $gw_ext2 ) tagged LINK2 >> >> I hope that helps. >> >> Gabriel "ethX" Fonseca >> >> >> >> >> > > -- > Luiz Gustavo Costa (Powered by BSD) > *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ > mundoUnix - Consultoria em Software Livre > http://www.mundounix.com.br > ICQ: 2890831 / MSN: cont...@mundounix.com.br > Tel: 55 (21) 2642-3799 / 7582-0594 > Blog: http://www.luizgustavo.pro.br > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" > > -- Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: cont...@mundounix.com.br Tel: 55 (21) 2642-3799 / 7582-0594 Blog: http://www.luizgustavo.pro.br _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
